BAE Systems sold cyber-surveillance tools to autocratic regimes

British multinational BAE Systems has sold sophisticated surveillance technology to many repressive governments in the Middle East and Africa, an investigation by BBC Arabic and Danish newspaper Dagbladet has revealed.

BAE Systems cyber-surveillance

The exported technology

The technology in question is called Evident, and enables governments to conduct mass surveillance of their citizens’ communications. According to a former employee, the system is capable of intercepting traffic, pinpointing device location, traffic cryptanalysis (i.e. decryption), and voice recognition.

Evident was created by Danish cyber and intelligence company ETI, which was acquired by BAE Systems in 2011. The sales, which were effected through ETI, are technically legal as the export authorization for the technology was given by the Danish government, through the Danish Business Authority.

The export licenses were granted even though the UK government has expressed concern about the sale of the Evident technology to the United Arab Emirates, and has noted that it would “refuse a licence to export this cryptanalysis software from the UK” because of national security concerns.

They were apparently worried that the system’s capabilities could be used to tap communications in the UK and Europe, if the equipment is set up in UAE embassies.

The Evident system has also been sold to the Tunisian government (before the Arab Spring protests and successful ousting of longtime president Ben Ali in 2011), Saudi Arabia, Qatar, Oman, Morocco and Algeria, whose governments have questionable human rights records.

“While it is not possible to link individual cases directly to the Evident system, increased levels of cyber-surveillance since the start of the Arab Spring have had a direct and devastating impact on the activities of human rights and democracy campaigners in many of the states that acquired it,” the reporters noted.

“I wouldn’t be exaggerating if I said more than 90% of the most active campaigners in 2011 have now vanished,” Yahya Assiri, a former Saudi air force officer, told the BBC.

Security vs privacy

Denmark – like 40 other countries including the US, Canada, European countries, Russia, and Australia – participates in the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies (i.e. those that have both civilian and military uses). The Arrangement is meant to promote transparency and responsibility in transfers of conventional arms and dual-use goods and technologies. The Arrangement is not legally binding, though.

In October 2016, the European Commission has proposed a new amendment to Regulation (EC) No 428/2009, which forms the basis of European Union’s export control regime of dual-use technology. The amendment is aimed at making changes that would preventing human rights violations associated with cyber-surveillance technology.

In a possible attempt to bypass the restrictions imposed by the Wassenaar Arrangement and EU regulations, a UK-based businessman with close ties with the Saudi royal family attempted to buy Hacking Team in 2013, and relocate it to a country that did not sign the Arrangement, thereby making it possible to sell Hacking Team spyware technology anywhere in the world. The deal ultimately fell through.

Dutch politician Marietje Schaake – a member of the European Parliament and former advisor at the EU-funded research project that “investigates the role of traditional media and information and communications technologies in conflicts that accompany and follow transitions from authoritarian rule to more democratic forms of government” – noted that European countries will ultimately pay a price for the compromises now being made (she was referring to favouring security over privacy).

“I think the fact that these companies are commercial players, developing these highly sophisticated technologies that could have a deep impact on our national security, on people’s lives, requires us to look again at what kind of restrictions maybe be needed, what kind of transparency and accountability is needed in this market before it turns against our own interest and our own principles,” she added.

from Help Net Security – News http://bit.ly/2rDOE6u
via IFTTT

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s